Guardz 2026 State of MSP Threat Report: AI and cybersecurity landscape

Guardz has released its 2026 State of MSP Threat Report, outlining how artificial intelligence (AI) is changing the cybersecurity landscape. The report highlights vulnerabilities in identity, authentication, and cloud security that attackers are actively exploiting.

Based on SMB environments, the report notes that while AI has increased the speed and scale of cyberattacks, underlying security gaps remain. It highlights that attackers are exploiting weaknesses in identity and authentication systems, as well as misconfigured cloud environments.

Key findings of the report:

• Identity compromise: 89% of SMBs had users with confirmed credential compromises.
• Session hijacking: A 23% increase in session hijacking incidents, with attackers bypassing security measures such as MFA.
• Rise of non-human identities: Machine identities exceed human identities in some environments, creating additional attack vectors.
• Ransomware and fileless attacks: A 190% increase in ransomware detections, with a shift towards “living-off-the-land” techniques.
• Business Email Compromise (BEC): BEC incidents continue to result in significant and increasing financial losses.

The report also highlights Managed Service Providers (MSPs) as being increasingly exposed, as their attack surface expands across multiple clients. It notes that misuse of remote monitoring and management (RMM) tools has become a leading endpoint threat vector, enabling potential unauthorised access across client environments.

According to the findings, attackers are increasingly focusing on maintaining and extending existing access, using techniques such as session-based attacks and OAuth misuse. The report states that traditional defences alone may not be sufficient, and discusses the role of AI in supporting detection and response at scale.

The report concludes that security entry points remain vulnerable and are being actively targeted. It also states that for MSPs, AI is becoming an important part of cybersecurity infrastructure in responding to evolving threats.

As AI continues to influence cybersecurity approaches, the report emphasises the importance of identifying and addressing security gaps within MSP environments.